Watch out for malicious emails seeming to come from dioceseofnj.org accounts
At least one diocesan email account has been accessed by malicious users to attempt to steal your email username and password.
The email (received from both dioceseofnj.org users and outside users) include a link to a supposed secure Acrobat file called “Settlement Docs, Invoice & E_receipt.pdf.” If you click the link, it will take you to the real Adobe web site. But if you try to access the document on that site, it will redirect you to another web site pretending to be Microsoft Outlook online, asking for your username and password. If you submit this, the hackers now have access to your email.
If you have done this, immediately—right now—log into your email program and change your password. Seen above are screen shots of the malicious email process. First is the content of the email. Second is the warning from Adobe that you are about to go to another web site. Third is the fake Microsoft Outlook site asking for email address and password.
The rule of thumb always is that if something seems suspicious, be suspicious. And never provide sensitive information unless you have confirmed the legitimacy of the request. Look closely at the web address of the site you’re on. In this case, the site pretending to be Microsoft Outlook was actually “thesphere.com.” Look for the telltale signs of fraud.
